package com.authentications.oauth2.auc;

import com.authentications.oauth2.auc.handler.unrealized.AccessDeniedHandler;
import com.authentications.oauth2.auc.handler.unrealized.AuthenticationEntryPoint;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;

/**
 * @ClassName WebSecurityConfig
 * @Author xiezhuocai
 * @Description Oauth2 Adapter类
 * @Date 2021/12/18 15:50
 */
//@Configuration
//@EnableGlobalMethodSecurity(securedEnabled = true,prePostEnabled = true)
public class Oauth2WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()
                .authorizeRequests()
                .antMatchers("/**").authenticated() //所有的请求都需要认证
                .anyRequest().permitAll() //其他地址不认证
                .and()
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)//基于token不用session
                .and()
                //授权错误信息处理
                .exceptionHandling()
                //用户访问资源没有携带正确的token
                .authenticationEntryPoint(new AuthenticationEntryPoint())
                //用户访问没有授权资源
                .accessDeniedHandler(new AccessDeniedHandler());
    }
}
